Skip to content
View in the app

A better way to browse. Learn more.

hosang I.T.

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

reporter

Members
  • Joined

  • Last visited

    Never

Everything posted by reporter

  1. Women priests and a papal visit in 2010 all helped ease the path to Rome.View the full article
  2. Having already managed to close down at least 50 private schools via VAT, concerns are mounting that a similar financial assault will take its toll on the nation’s churches.View the full article
  3. Support for Israel is a divisive topic among Christians, and has theological roots.View the full article
  4. Growing up may have complicated life, but it doesn’t have to suffocate your faith.View the full article
  5. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday issued an alert warning of bad actors actively leveraging commercial spyware and remote access trojans (RATs) to target users of mobile messaging applications. "These cyber actors use sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to a victim's messaging app,View the full article
  6. "In the long term, secularism grows in Europe because we're not investing in teenagers and the next generation with Christian values," said Lucian Mustata, who is working with the university on its digital expansion into the region.View the full article
  7. On November 21, 2025, security researchers detected the beginning of what would become one of the most aggressive npm supply chain attacks to date. The Shai Hulud 2.0 campaign compromised over 25,000 GitHub repositories within 72 hours, targeting packages from major organizations including Zapier, ENS Domains, PostHog, and Postman. The malware’s self-propagating design created a compounding threat that moved at container speed, not human speed. This variant executed during npm’s preinstall phase, harvesting developer credentials, GitHub tokens, and cloud provider secrets before packages even finished installing. Stolen credentials appeared in public GitHub repositories labeled “Sha1-Hulud: The Second Coming,” creating a secondary attack vector as threat actors recycled tokens to publish additional malicious packages. Researchers tracked approximately 1,000 new compromised repositories appearing every 30 minutes at the attack’s peak. For teams using npm packages in their containerized applications, this attack represented exposure not just to credential theft initially but also to systematic supply chain compromise that could persist across rebuild cycles and burrow deep into supply chains. Docker’s real-time response architecture According to Google Mandiant’s 2023 vulnerability analysis, the average time-to-exploit for vulnerabilities has collapsed from 63 days in 2018-19 to just five days. With Shai Hulud-type attacks on the rise, the likely compression of the vulnerability window will move from days to hours. Within hours of security researchers publishing indicators of compromise, Docker Security created DSA-2025-1124, a Docker Security Advisory that encoded detection rules for the Shai Hulud 2.0 malware signatures. This advisory immediately entered Docker Scout’s continuous monitoring pipeline, where it followed the same automated workflow that handles CVE ingestion. Here’s how the protection deployed: Automatic threat intelligence ingestion: Docker Scout continuously ingests security intelligence from multiple published sources. Scout’s ingestion pipeline identified the malicious package indicators and malware signatures from these sources and propagated them within seconds. Instant supply chain analysis: Docker Scout cross-referenced the threat intelligence against SBOMs from all Docker Hardened Images and customer images under Scout protection. This analysis identified which images, if any, contained dependencies from the compromised package ecosystem, enabling immediate risk assessment across the entire Docker registry. Automated detection distribution: The DSA containing Shai Hulud 2.0 detection rules propagated through Scout’s monitoring infrastructure automatically. Every Docker Scout-protected environment gained the ability to flag malicious packages based on the latest threat intelligence, without requiring manual policy updates or signature downloads. Continuous verification: As Docker Security performed immediate scans of all Docker GitHub Enterprise repositories (which returned no findings), the same SBOM-based verification confirmed that Docker Hardened Images contained no compromised packages. From threat disclosure to deployed protection, the response cycle completed in hours. Organizations using Docker Scout received alerts identifying any exposure to the compromised packages while the attack was still unfolding, allowing them to mount a timely response and protect their infrastructure. Why Docker’s approach creates verifiable protection Docker’s response to Shai Hulud 2.0 demonstrates why security architecture must assume attacks will move faster than human response times. Real-time protection: Traditional vulnerability management treats each threat as a discrete event requiring investigation, triage, and manual remediation. Docker Scout’s architecture treats threat intelligence as streaming data, continuously updating detection capabilities the moment new indicators become available. Unified telemetry eliminates blind spots: The integration between Scout’s monitoring, DHI’s build pipeline, and Docker’s supply chain tracking provides complete visibility into what’s running and where it came from. When the Shai Hulud malware attempted to compromise the npm ecosystem, Docker’s architecture could immediately answer: “Do we have exposure?” Cryptographic verification enables trust under fire: Every Docker Hardened Image ships with complete SBOMs, cryptographic signatures, and verifiable build provenance. During an active supply chain attack, this transparency becomes operational capability. Security teams can prove to auditors, incident responders, and leadership exactly what’s running in production, which versions are deployed, and whether any compromised packages made it through the supply chain. Speed that matches attack velocity: Self-propagating malware spreads through automated exploitation. This means you have to move fast. Docker’s remediation pipeline doesn’t wait for security teams to file tickets or schedule maintenance windows. When threats emerge, the pipeline automatically initiates detection updates, verifies image integrity, and flags exposure based on factual SBOM data. The five pillars prove themselves under pressure Docker’s security architecture rests on five pillars that proved themselves under pressure: minimal attack surface, complete SBOMs, verifiable provenance, exploitability context, and cryptographic verification. During Shai Hulud 2.0, these worked together as implemented controls that functioned automatically, enabling teams to verify exposure immediately through SBOMs, prove integrity through cryptographic signatures, and focus response on actually weaponized packages. Even if your organization does not use Docker Hardened Images, by using Docker Scout you get the same detection speed via Scout-generated SBOMs, which are optimized for transparency and speed. Supply chain security at container speed We believe that increasingly, modern supply chain attacks targeting the package infrastructure will be designed to outrun traditional security response times. The only viable response is security architecture and response mechanism that can match this speed. If your security team is still chasing alerts from last month’s supply chain attack, or if you’re uncertain whether your container images contain compromised dependencies, Docker offers a different approach. Learn more about how Docker Scout and Hardened Images deliver continuous, verifiable protection, or contact our team to discuss how real-time security architecture applies to your specific environment. View the full article
  8. On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: They offer unlimited access to more than 2,200 pay-per-view and streaming services like Netflix, ESPN and Hulu, all for a one-time fee of around $400. But security experts warn these TV boxes require intrusive software that forces the user’s network to relay Internet traffic for others, traffic that is often tied to cybercrime activity such as advertising fraud and account takeovers. Superbox media streaming boxes for sale on Walmart.com. Superbox bills itself as an affordable way for households to stream all of the television and movie content they could possibly want, without the hassle of monthly subscription fees — for a one-time payment of nearly $400. “Tired of confusing cable bills and hidden fees?,” Superbox’s website asks in a recent blog post titled, “Cheap Cable TV for Low Income: Watch TV, No Monthly Bills.” “Real cheap cable TV for low income solutions does exist,” the blog continues. “This guide breaks down the best alternatives to stop overpaying, from free over-the-air options to one-time purchase devices that eliminate monthly bills.” Superbox claims that watching a stream of movies, TV shows, and sporting events won’t violate U.S. copyright law. “SuperBox is just like any other Android TV box on the market, we can not control what software customers will use,” the company’s website maintains. “And you won’t encounter a law issue unless uploading, downloading, or broadcasting content to a large group.” A blog post from the Superbox website. There is nothing illegal about the sale or use of the Superbox itself, which can be used strictly as a way to stream content at providers where users already have a paid subscription. But that is not why people are shelling out $400 for these machines. The only way to watch those 2,200+ channels for free with a Superbox is to install several apps made for the device that enable them to stream this content. Superbox’s homepage includes a prominent message stating the company does “not sell access to or preinstall any apps that bypass paywalls or provide access to unauthorized content.” The company explains that they merely provide the hardware, while customers choose which apps to install. “We only sell the hardware device,” the notice states. “Customers must use official apps and licensed services; unauthorized use may violate copyright law.” Superbox is technically correct here, except for maybe the part about how customers must use official apps and licensed services: Before the Superbox can stream those thousands of channels, users must configure the device to update itself, and the first step involves ripping out Google’s official Play store and replacing it with something called the “App Store” or “Blue TV Store.” Superbox does this because the device does not use the official Google-certified Android TV system, and its apps will not load otherwise. Only after the Google Play store has been supplanted by this unofficial App Store do the various movie and video streaming apps that are built specifically for the Superbox appear available for download (again, outside of Google’s app ecosystem). Experts say while these Android streaming boxes generally do what they advertise — enabling buyers to stream video content that would normally require a paid subscription — the apps that enable the streaming also ensnare the user’s Internet connection in a distributed residential proxy network that uses the devices to relay traffic from others. Ashley is a senior solutions engineer at Censys, a cyber intelligence company that indexes Internet-connected devices, services and hosts. Ashley requested that only her first name be used in this story. In a recent video interview, Ashley showed off several Superbox models that Censys was studying in the malware lab — including one purchased off the shelf at BestBuy. “I’m sure a lot of people are thinking, ‘Hey, how bad could it be if it’s for sale at the big box stores?'” she said. “But the more I looked, things got weirder and weirder.” Ashley said she found the Superbox devices immediately contacted a server at the Chinese instant messaging service Tencent QQ, as well as a residential proxy service called Grass IO. GET GRASSED Also known as getgrass[.]io, Grass says it is “a decentralized network that allows users to earn rewards by sharing their unused Internet bandwidth with AI labs and other companies.” “Buyers seek unused internet bandwidth to access a more diverse range of IP addresses, which enables them to see certain websites from a retail perspective,” the Grass website explains. “By utilizing your unused internet bandwidth, they can conduct market research, or perform tasks like web scraping to train AI.” Reached via Twitter/X, Grass founder Andrej Radonjic told KrebsOnSecurity he’d never heard of a Superbox, and that Grass has no affiliation with the device maker. “It looks like these boxes are distributing an unethical proxy network which people are using to try to take advantage of Grass,” Radonjic said. “The point of grass is to be an opt-in network. You download the grass app to monetize your unused bandwidth. There are tons of sketchy SDKs out there that hijack people’s bandwidth to help webscraping companies.” Radonjic said Grass has implemented “a robust system to identify network abusers,” and that if it discovers anyone trying to misuse or circumvent its terms of service, the company takes steps to stop it and prevent those users from earning points or rewards. Superbox’s parent company, Super Media Technology Company Ltd., lists its street address as a UPS store in Fountain Valley, Calif. The company did not respond to multiple inquiries. According to this teardown by behindmlm.com, a blog that covers multi-level marketing (MLM) schemes, Grass’s compensation plan is built around “grass points,” which are earned through the use of the Grass app and through app usage by recruited affiliates. Affiliates can earn 5,000 grass points for clocking 100 hours usage of Grass’s app, but they must progress through ten affiliate tiers or ranks before they can redeem their grass points (presumably for some type of cryptocurrency). The 10th or “Titan” tier requires affiliates to accumulate a whopping 50 million grass points, or recruit at least 221 more affiliates. Radonjic said Grass’s system has changed in recent months, and confirmed the company has a referral program where users can earn Grass Uptime Points by contributing their own bandwidth and/or by inviting other users to participate. “Users are not required to participate in the referral program to earn Grass Uptime Points or to receive Grass Tokens,” Radonjic said. “Grass is in the process of phasing out the referral program and has introduced an updated Grass Points model.” A review of the Terms and Conditions page for getgrass[.]io at the Wayback Machine shows Grass’s parent company has changed names at least five times in the course of its two-year existence. Searching the Wayback Machine on getgrass[.]io shows that in June 2023 Grass was owned by a company called Wynd Network. By March 2024, the owner was listed as Lower Tribeca Corp. in the Bahamas. By August 2024, Grass was controlled by a Half Space Labs Limited, and in November 2024 the company was owned by Grass OpCo (BVI) Ltd. Currently, the Grass website says its parent is just Grass OpCo Ltd (no BVI in the name). Radonjic acknowledged that Grass has undergone “a handful of corporate clean-ups over the last couple of years,” but described them as administrative changes that had no operational impact. “These reflect normal early-stage restructuring as the project moved from initial development…into the current structure under the Grass Foundation,” he said. UNBOXING Censys’s Ashley said the phone home to China’s Tencent QQ instant messaging service was the first red flag with the Superbox devices she examined. She also discovered the streaming boxes included powerful network analysis and remote access tools, such as Tcpdump and Netcat. “This thing DNS hijacked my router, did ARP poisoning to the point where things fall off the network so they can assume that IP, and attempted to bypass controls,” she said. “I have root on all of them now, and they actually have a folder called ‘secondstage.’ These devices also have Netcat and Tcpdump on them, and yet they are supposed to be streaming devices.” A quick online search shows various Superbox models and many similar Android streaming devices for sale at a wide range of top retail destinations, including Amazon, BestBuy, Newegg, and Walmart. Newegg.com, for example, currently lists more than three dozen Superbox models. In all cases, the products are sold by third-party merchants on these platforms, but in many instances the fulfillment comes from the e-commerce platform itself. “Newegg is pretty bad now with these devices,” Ashley said. “Ebay is the funniest, because they have Superbox in Spanish — the SuperCaja — which is very popular.” Superbox devices for sale via Newegg.com. Ashley said Amazon recently cracked down on Android streaming devices branded as Superbox, but that those listings can still be found under the more generic title “modem and router combo” (which may be slightly closer to the truth about the device’s behavior). Superbox doesn’t advertise its products in the conventional sense. Rather, it seems to rely on lesser-known influencers on places like Youtube and TikTok to promote the devices. Meanwhile, Ashley said, Superbox pays those influencers 50 percent of the value of each device they sell. “It’s weird to me because influencer marketing usually caps compensation at 15 percent, and it means they don’t care about the money,” she said. “This is about building their network.” A TikTok influencer casually mentions and promotes Superbox while chatting with her followers over a glass of wine. BADBOX As plentiful as the Superbox is on e-commerce sites, it is just one brand in an ocean of no-name Android-based TV boxes available to consumers. While these devices generally do provide buyers with “free” streaming content, they also tend to include factory-installed malware or require the installation of third-party apps that engage the user’s Internet address in advertising fraud. In July 2025, Google filed a “John Doe” lawsuit (PDF) against 25 unidentified defendants dubbed the “BadBox 2.0 Enterprise,” which Google described as a botnet of over ten million Android streaming devices that engaged in advertising fraud. Google said the BADBOX 2.0 botnet, in addition to compromising multiple types of devices prior to purchase, can also infect devices by requiring the download of malicious apps from unofficial marketplaces. Some of the unofficial Android devices flagged by Google as part of the Badbox 2.0 botnet are still widely for sale at major e-commerce vendors. Image: Google. Several of the Android streaming devices flagged in Google’s lawsuit are still for sale on top U.S. retail sites. For example, searching for the “X88Pro 10” and the “T95” Android streaming boxes finds both continue to be peddled by Amazon sellers. Google’s lawsuit came on the heels of a June 2025 advisory from the Federal Bureau of Investigation (FBI), which warned that cyber criminals were gaining unauthorized access to home networks by either configuring the products with malicious software prior to the user’s purchase, or infecting the device as it downloads required applications that contain backdoors, usually during the set-up process. “Once these compromised IoT devices are connected to home networks, the infected devices are susceptible to becoming part of the BADBOX 2.0 botnet and residential proxy services known to be used for malicious activity,” the FBI said. The FBI said BADBOX 2.0 was discovered after the original BADBOX campaign was disrupted in 2024. The original BADBOX was identified in 2023, and primarily consisted of Android operating system devices that were compromised with backdoor malware prior to purchase. Riley Kilmer is founder of Spur, a company that tracks residential proxy networks. Kilmer said Badbox 2.0 was used as a distribution platform for IPidea, a China-based entity that is now the world’s largest residential proxy network. Kilmer and others say IPidea is merely a rebrand of 911S5 Proxy, a China-based proxy provider sanctioned last year by the U.S. Department of the Treasury for operating a botnet that helped criminals steal billions of dollars from financial institutions, credit card issuers, and federal lending programs (the U.S. Department of Justice also arrested the alleged owner of 911S5). How are most IPidea customers using the proxy service? According to the proxy detection service Synthient, six of the top ten destinations for IPidea proxies involved traffic that has been linked to either ad fraud or credential stuffing (account takeover attempts). Kilmer said companies like Grass are probably being truthful when they say that some of their customers are companies performing web scraping to train artificial intelligence efforts, because a great deal of content scraping which ultimately benefits AI companies is now leveraging these proxy networks to further obfuscate their aggressive data-slurping activity. By routing this unwelcome traffic through residential IP addresses, Kilmer said, content scraping firms can make it far trickier to filter out. “Web crawling and scraping has always been a thing, but AI made it like a commodity, data that had to be collected,” Kilmer told KrebsOnSecurity. “Everybody wanted to monetize their own data pots, and how they monetize that is different across the board.” SOME FRIENDLY ADVICE Products like Superbox are drawing increased interest from consumers as more popular network television shows and sportscasts migrate to subscription streaming services, and as people begin to realize they’re spending as much or more on streaming services than they previously paid for cable or satellite TV. These streaming devices from no-name technology vendors are another example of the maxim, “If something is free, you are the product,” meaning the company is making money by selling access to and/or information about its users and their data. Superbox owners might counter, “Free? I paid $400 for that device!” But remember: Just because you paid a lot for something doesn’t mean you are done paying for it, or that somehow you are the only one who might be worse off from the transaction. It may be that many Superbox customers don’t care if someone uses their Internet connection to tunnel traffic for ad fraud and account takeovers; for them, it beats paying for multiple streaming services each month. My guess, however, is that quite a few people who buy (or are gifted) these products have little understanding of the bargain they’re making when they plug them into an Internet router. Superbox performs some serious linguistic gymnastics to claim its products don’t violate copyright laws, and that its customers alone are responsible for understanding and observing any local laws on the matter. However, buyer beware: If you’re a resident of the United States, you should know that using these devices for unauthorized streaming violates the Digital Millennium Copyright Act (DMCA), and can incur legal action, fines, and potential warnings and/or suspension of service by your Internet service provider. According to the FBI, there are several signs to look for that may indicate a streaming device you own is malicious, including: -The presence of suspicious marketplaces where apps are downloaded. -Requiring Google Play Protect settings to be disabled. -Generic TV streaming devices advertised as unlocked or capable of accessing free content. -IoT devices advertised from unrecognizable brands. -Android devices that are not Play Protect certified. -Unexplained or suspicious Internet traffic. This explainer from the Electronic Frontier Foundation delves a bit deeper into each of the potential symptoms listed above. View the full article
  9. Cybersecurity researchers have discovered five vulnerabilities in Fluent Bit, an open-source and lightweight telemetry agent, that could be chained to compromise and take over cloud infrastructures. The security defects "allow attackers to bypass authentication, perform path traversal, achieve remote code execution, cause denial-of-service conditions, and manipulate tags," Oligo Security said inView the full article
  10. Multiple security vendors are sounding the alarm about a second wave of attacks targeting the npm registry in a manner that's reminiscent of the Shai-Hulud attack. The new supply chain campaign, dubbed Sha1-Hulud, has compromised hundreds of npm packages, according to reports from Aikido, HelixGuard, JFrog, Koi Security, ReversingLabs, SafeDep, Socket, Step Security, and Wiz. The trojanizedView the full article
  11. At least four Christians were killed, including one who was beheaded, in recent attacks across Nampula province.View the full article
  12. Pope Leo XIV has issued an appeal for the liberation of students, clergy, and worshippers abducted in a series of violent attacks across Nigeria and Cameroon.View the full article
  13. This week saw a lot of new cyber trouble. Hackers hit Fortinet and Chrome with new 0-day bugs. They also broke into supply chains and SaaS tools. Many hid inside trusted apps, browser alerts, and software updates. Big firms like Microsoft, Salesforce, and Google had to react fast — stopping DDoS attacks, blocking bad links, and fixing live flaws. Reports also showed how fast fake news, AIView the full article
  14. New research from CrowdStrike has revealed that DeepSeek's artificial intelligence (AI) reasoning model DeepSeek-R1 produces more security vulnerabilities in response to prompts that contain topics deemed politically sensitive by China. "We found that when DeepSeek-R1 receives prompts containing topics the Chinese Communist Party (CCP) likely considers politically sensitive, the likelihood of itView the full article
  15. A Christian street preacher who was accused of making Islamophobic comments to a Muslim family has been cleared of harassment charges. View the full article
  16. Teacher says students are taught to ‘reject evil rather than engage with it’View the full article
  17. A recently patched security flaw in Microsoft Windows Server Update Services (WSUS) has been exploited by threat actors to distribute a malware known as ShadowPad. "The attacker targeted Windows Servers with WSUS enabled, exploiting CVE-2025-59287 for initial access," AhnLab Security Intelligence Center (ASEC) said in a report published last week. "They then used PowerCat, an open-sourceView the full article
  18. Reality star and businesswoman Kim Kardashian has revealed that she was the anonymous buyer who spent $80,276 to purchase her late father Robert Kardashian’s Bible, which had once been gifted to former NFL player O.J. Simpson.View the full article
  19. Nigerians have had enough of the government's failure to stop the endless violence.View the full article
  20. The Anglo-Saxon Church to negotiate a way forward in a context which, at one time, would have seemed disastrous.View the full article
  21. The China-linked advanced persistent threat (APT) group known as APT31 has been attributed to cyber attacks targeting the Russian information technology (IT) sector between 2024 and 2025 while staying undetected for extended periods of time. "In the period from 2024 to 2025, the Russian IT sector, especially companies working as contractors and integrators of solutions for government agencies,View the full article
  22. Most of Sudan's post-independence history has been marred by civil war.View the full article
  23. While fewer Americans are married than in previous generations, the desire to wed has not disappeared - even as divorce, cohabitation and remarriage are reshaping family life, a study suggests.View the full article
  24. A new 'Street Preacher's Charter' has been launched in Parliament after a succession of fines and arrests involving pastors, some of which have led to hefty compensation payouts from police. View the full article
  25. Hindu nationalists refused to let a Christian man be buried in his ancestral village.View the full article

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.